CORS on OVH Object Storage

A heads-up before you dive in: OVH offers two object-storage products that look similar but have different CORS workflows.

• OVHcloud Object Storage (S3-compatible, “high-performance object storage”) — uses the standard S3 CORS API. The AWS-shaped JSON policy from the AWS S3 guide works against the OVH S3 endpoint.
• OVHcloud Storage (Swift-based, “standard object storage”) — built on OpenStack Swift. CORS is set per-container as Swift headers, not as an S3 policy.

Relyn connects via the S3 endpoint when you choose the S3-compatible flavour. If that’s what you set up:

S3-compatible flavour — apply the policy

Use the AWS CLI pointed at the OVH endpoint. Replace the endpoint host with your region’s S3 endpoint (e.g. s3.gra.cloud.ovh.net for Gravelines):

aws s3api put-bucket-cors \
  --endpoint-url https://s3.gra.cloud.ovh.net \
  --bucket YOUR_BUCKET \
  --cors-configuration '{
    "CORSRules": [
      {
        "AllowedOrigins": ["https://studio.relyn.app", "http://localhost:5173"],
        "AllowedMethods": ["GET", "PUT", "HEAD", "POST", "DELETE"],
        "AllowedHeaders": ["*"],
        "ExposeHeaders": ["ETag"],
        "MaxAgeSeconds": 3600
      }
    ]
  }'

Then back in Relyn, open the bucket and click Diagnose.

Why this page is shorter than the others

We don’t operate OVH ourselves day-to-day, and their dashboard UI changes fairly often. Rather than risk listing screen-by-screen steps that go stale, we point you at OVH’s own documentation as the source of truth.

If you hit something that this page should mention, please drop a note to hello@relyn.app — we’ll expand the guide based on what real users run into.

Further reading

• OVHcloud: Configuring CORS on a container or bucket — official docs
• OVHcloud Object Storage product page